update runc binary to v1.0.0-rc10 (CVE-2019-19921)

AkihiroSuda · thaJeztah · commit 4b4ef42785cb · 2020-02-04T18:41:00.000+01:00
Notable changes: * Fix CVE-2019-19921 (Volume mount race condition with shared mounts): opencontainers/runc#2207 * Fix exec FIFO race: opencontainers/runc#2185 * Basic support for cgroup v2. Almost feature-complete, but still missing support for systemd mode in rootless. See also opencontainers/runc#2209 for the known issues. Full changes: opencontainers/runc@v1.0.0-rc9...v1.0.0-rc10 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> (cherry picked from commit cd43c1d1ac81a37dc8f9aad16d33949df80ac5b9) Signed-off-by: Sebastiaan van Stijn <github@gone.nl> Upstream-commit: 3bd1759f804a53d15685e22eab7d609bb1fa556b Component: engine
diff --git a/components/engine/hack/dockerfile/install/runc.installer b/components/engine/hack/dockerfile/install/runc.installer
@@ -4,7 +4,7 @@
 # The version of runc should match the version that is used by the containerd
 # version that is used. If you need to update runc, open a pull request in
 # the containerd project first, and update both after that is merged.
-RUNC_COMMIT=d736ef14f0288d6993a1845745d6756cfc9ddd5a # v1.0.0-rc9
+RUNC_COMMIT=dc9208a3303feef5b3839f4323d9beb36df0a9dd # v1.0.0-rc10
 
 install_runc() {
 	# If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting
